infrahub-server 1.2.9rc0__py3-none-any.whl → 1.3.0a0__py3-none-any.whl

infrahub/computed_attribute/tasks.py

@@ -14,7 +14,7 @@ from infrahub.core.registry import registry
 from infrahub.events import BranchDeletedEvent
 from infrahub.git.repository import get_initialized_repo
 from infrahub.services import InfrahubServices  # noqa: TC001  needed for prefect flow
-from infrahub.trigger.models import TriggerType
+from infrahub.trigger.models import TriggerSetupReport, TriggerType
 from infrahub.trigger.setup import setup_triggers
 from infrahub.workflows.catalogue import (
     COMPUTED_ATTRIBUTE_PROCESS_JINJA2,
@@ -25,7 +25,11 @@ from infrahub.workflows.catalogue import (
 from infrahub.workflows.utils import add_tags, wait_for_schema_to_converge
 
 from .gather import gather_trigger_computed_attribute_jinja2, gather_trigger_computed_attribute_python
-from .models import ComputedAttrJinja2GraphQL, ComputedAttrJinja2GraphQLResponse, PythonTransformTarget
+from .models import (
+    ComputedAttrJinja2GraphQL,
+    ComputedAttrJinja2GraphQLResponse,
+    PythonTransformTarget,
+)
 
 if TYPE_CHECKING:
     from infrahub.core.schema.computed_attribute import ComputedAttribute
@@ -159,10 +163,10 @@ async def trigger_update_python_computed_attributes(
 
 
 @flow(
-    name="process_computed_attribute_value_jinja2",
-    flow_run_name="Update value for computed attribute {attribute_name}",
+    name="computed-attribute-jinja2-update-value",
+    flow_run_name="Update value for computed attribute {node_kind}:{attribute_name}",
 )
-async def update_computed_attribute_value_jinja2(
+async def computed_attribute_jinja2_update_value(
     branch_name: str,
     obj: ComputedAttrJinja2GraphQLResponse,
     node_kind: str,
@@ -246,7 +250,7 @@ async def process_jinja2(
         batch = await service.client.create_batch()
         for node in found:
             batch.add(
-                task=update_computed_attribute_value_jinja2,
+                task=computed_attribute_jinja2_update_value,
                 branch_name=branch_name,
                 obj=node,
                 node_kind=node_schema.kind,
@@ -302,26 +306,33 @@ async def computed_attribute_setup_jinja2(
 
         triggers = await gather_trigger_computed_attribute_jinja2()
 
-        for trigger in triggers:
-            if event_name != BranchDeletedEvent.event_name and trigger.branch == branch_name:
-                await service.workflow.submit_workflow(
-                    workflow=TRIGGER_UPDATE_JINJA_COMPUTED_ATTRIBUTES,
-                    context=context,
-                    parameters={
-                        "branch_name": trigger.branch,
-                        "computed_attribute_name": trigger.computed_attribute.attribute.name,
-                        "computed_attribute_kind": trigger.computed_attribute.kind,
-                    },
-                )
-
         # Configure all ComputedAttrJinja2Trigger in Prefect
         async with get_client(sync_client=False) as prefect_client:
-            await setup_triggers(
+            report: TriggerSetupReport = await setup_triggers(
                 client=prefect_client,
                 triggers=triggers,
                 trigger_type=TriggerType.COMPUTED_ATTR_JINJA2,
+                force_update=False,
             )  # type: ignore[misc]
 
+            # Since we can have multiple trigger per NodeKind
+            # we need to extract the list of unique node that should be processed
+            unique_nodes: set[tuple[str, str, str]] = {
+                (trigger.branch, trigger.computed_attribute.kind, trigger.computed_attribute.attribute.name)  # type: ignore[attr-defined]
+                for trigger in report.updated + report.created
+            }
+            for branch, kind, attribute_name in unique_nodes:
+                if event_name != BranchDeletedEvent.event_name and branch == branch_name:
+                    await service.workflow.submit_workflow(
+                        workflow=TRIGGER_UPDATE_JINJA_COMPUTED_ATTRIBUTES,
+                        context=context,
+                        parameters={
+                            "branch_name": branch,
+                            "computed_attribute_name": attribute_name,
+                            "computed_attribute_kind": kind,
+                        },
+                    )
+
         log.info(f"{len(triggers)} Computed Attribute for Jinja2 automation configuration completed")
 
 
@@ -347,18 +358,29 @@ async def computed_attribute_setup_python(
 
         triggers_python, triggers_python_query = await gather_trigger_computed_attribute_python(db=db)
 
-        for trigger in triggers_python:
-            if event_name != BranchDeletedEvent.event_name and trigger.branch == branch_name:
-                log.info(
-                    f"Triggering update for {trigger.computed_attribute.computed_attribute.attribute.name} on {branch_name}"
-                )
+        # Since we can have multiple trigger per NodeKind
+        # we need to extract the list of unique node that should be processed
+        # also
+        # Because the automation in Prefect doesn't capture all information about the computed attribute
+        # we can't tell right now if a given computed attribute has changed and need to be updated
+        unique_nodes: set[tuple[str, str, str]] = {
+            (
+                trigger.branch,
+                trigger.computed_attribute.computed_attribute.kind,
+                trigger.computed_attribute.computed_attribute.attribute.name,
+            )
+            for trigger in triggers_python
+        }
+        for branch, kind, attribute_name in unique_nodes:
+            if event_name != BranchDeletedEvent.event_name and branch == branch_name:
+                log.info(f"Triggering update for {kind}.{attribute_name} on {branch}")
                 await service.workflow.submit_workflow(
                     workflow=TRIGGER_UPDATE_PYTHON_COMPUTED_ATTRIBUTES,
                     context=context,
                     parameters={
                         "branch_name": branch_name,
-                        "computed_attribute_name": trigger.computed_attribute.computed_attribute.attribute.name,
-                        "computed_attribute_kind": trigger.computed_attribute.computed_attribute.kind,
+                        "computed_attribute_name": attribute_name,
+                        "computed_attribute_kind": kind,
                     },
                 )
 

infrahub/config.py

@@ -269,6 +269,7 @@ class DatabaseSettings(BaseSettings):
     address: str = "localhost"
     port: int = 7687
     database: str | None = Field(default=None, pattern=VALID_DATABASE_NAME_REGEX, description="Name of the database")
+    policy: str | None = Field(default=None, description="Routing policy for database connections")
     tls_enabled: bool = Field(default=False, description="Indicates if TLS is enabled for the connection")
     tls_insecure: bool = Field(default=False, description="Indicates if TLS certificates are verified")
     tls_ca_file: str | None = Field(default=None, description="File path to CA cert or bundle in PEM format")
@@ -293,6 +294,14 @@ class DatabaseSettings(BaseSettings):
         default=0.01, ge=0, description="Delay to add when max_concurrent_queries is reached."
     )
 
+    @property
+    def database_uri(self) -> str:
+        """Constructs the database URI based on the configuration settings."""
+        base_uri = f"{self.protocol}://{self.address}:{self.port}"
+        if self.policy is not None:
+            return f"{base_uri}?policy={self.policy}"
+        return base_uri
+
     @property
     def database_name(self) -> str:
         return self.database or self.db_type.value

infrahub/core/account.py

@@ -69,8 +69,7 @@ class AccountGlobalPermissionQuery(Query):
         query = """
         MATCH (account:%(generic_account_node)s)
         WHERE account.uuid = $account_id
-        CALL {
-            WITH account
+        CALL (account) {
             MATCH (account)-[r:IS_PART_OF]-(root:Root)
             WHERE %(branch_filter)s
             RETURN account as account1, r as r1
@@ -80,8 +79,7 @@ class AccountGlobalPermissionQuery(Query):
         WITH account, r1 as r
         WHERE r.status = "active"
         WITH account
-        CALL {
-            WITH account
+        CALL (account) {
             MATCH (account)-[r1:IS_RELATED]->(:Relationship {name: "group_member"})<-[r2:IS_RELATED]-(account_group:%(account_group_node)s)
             WHERE all(r IN [r1, r2] WHERE (%(branch_filter)s))
             WITH account_group, r1, r2, (r1.status = "active" AND r2.status = "active") AS is_active
@@ -92,8 +90,7 @@ class AccountGlobalPermissionQuery(Query):
         }
         WITH account_group
 
-        CALL {
-            WITH account_group
+        CALL (account_group) {
             MATCH (account_group)-[r1:IS_RELATED]->(:Relationship {name: "role__accountgroups"})<-[r2:IS_RELATED]-(account_role:%(account_role_node)s)
             WHERE all(r IN [r1, r2] WHERE (%(branch_filter)s))
             WITH account_role, r1, r2, (r1.status = "active" AND r2.status = "active") AS is_active
@@ -104,8 +101,7 @@ class AccountGlobalPermissionQuery(Query):
         }
         WITH account_role
 
-        CALL {
-            WITH account_role
+        CALL (account_role) {
             MATCH (account_role)-[r1:IS_RELATED]->(:Relationship {name: "role__permissions"})<-[r2:IS_RELATED]-(global_permission:%(global_permission_node)s)
             WHERE all(r IN [r1, r2] WHERE (%(branch_filter)s))
             WITH global_permission, r1, r2, (r1.status = "active" AND r2.status = "active") AS is_active
@@ -116,7 +112,7 @@ class AccountGlobalPermissionQuery(Query):
         }
         WITH global_permission
 
-        CALL {
+        CALL (global_permission) {
             WITH global_permission
             MATCH (global_permission)-[r1:HAS_ATTRIBUTE]->(:Attribute {name: "action"})-[r2:HAS_VALUE]->(global_permission_action:AttributeValue)
             WHERE all(r IN [r1, r2] WHERE (%(branch_filter)s))
@@ -127,8 +123,7 @@ class AccountGlobalPermissionQuery(Query):
         WITH global_permission, global_permission_action, is_active AS gpa_is_active
         WHERE gpa_is_active = TRUE
 
-        CALL {
-            WITH global_permission
+        CALL (global_permission) {
             MATCH (global_permission)-[r1:HAS_ATTRIBUTE]->(:Attribute {name: "decision"})-[r2:HAS_VALUE]->(global_permission_decision:AttributeValue)
             WHERE all(r IN [r1, r2] WHERE (%(branch_filter)s))
             RETURN global_permission_decision, (r1.status = "active" AND r2.status = "active") AS is_active
@@ -183,8 +178,7 @@ class AccountObjectPermissionQuery(Query):
         query = """
         MATCH (account:%(generic_account_node)s)
         WHERE account.uuid = $account_id
-        CALL {
-            WITH account
+        CALL (account) {
             MATCH (account)-[r:IS_PART_OF]-(root:Root)
             WHERE %(branch_filter)s
             RETURN account as account1, r as r1
@@ -194,8 +188,7 @@ class AccountObjectPermissionQuery(Query):
         WITH account, r1 as r
         WHERE r.status = "active"
         WITH account
-        CALL {
-            WITH account
+        CALL (account) {
             MATCH (account)-[r1:IS_RELATED]->(:Relationship {name: "group_member"})<-[r2:IS_RELATED]-(account_group:%(account_group_node)s)
             WHERE all(r IN [r1, r2] WHERE (%(branch_filter)s))
             WITH account_group, r1, r2, (r1.status = "active" AND r2.status = "active") AS is_active
@@ -206,8 +199,7 @@ class AccountObjectPermissionQuery(Query):
         }
         WITH account_group
 
-        CALL {
-            WITH account_group
+        CALL (account_group) {
             MATCH (account_group)-[r1:IS_RELATED]->(:Relationship {name: "role__accountgroups"})<-[r2:IS_RELATED]-(account_role:%(account_role_node)s)
             WHERE all(r IN [r1, r2] WHERE (%(branch_filter)s))
             WITH account_role, r1, r2, (r1.status = "active" AND r2.status = "active") AS is_active
@@ -218,8 +210,7 @@ class AccountObjectPermissionQuery(Query):
         }
         WITH account_role
 
-        CALL {
-            WITH account_role
+        CALL (account_role) {
             MATCH (account_role)-[r1:IS_RELATED]->(:Relationship {name: "role__permissions"})<-[r2:IS_RELATED]-(object_permission:%(object_permission_node)s)
             WHERE all(r IN [r1, r2] WHERE (%(branch_filter)s))
             WITH object_permission, r1, r2, (r1.status = "active" AND r2.status = "active") AS is_active
@@ -230,8 +221,7 @@ class AccountObjectPermissionQuery(Query):
         }
         WITH object_permission
 
-        CALL {
-            WITH object_permission
+        CALL (object_permission) {
             MATCH (object_permission)-[r1:HAS_ATTRIBUTE]->(:Attribute {name: "namespace"})-[r2:HAS_VALUE]->(object_permission_namespace:AttributeValue)
             WHERE all(r IN [r1, r2] WHERE (%(branch_filter)s))
             RETURN object_permission_namespace, (r1.status = "active" AND r2.status = "active") AS is_active
@@ -240,8 +230,7 @@ class AccountObjectPermissionQuery(Query):
         }
         WITH object_permission, object_permission_namespace, is_active AS opn_is_active
         WHERE opn_is_active = TRUE
-        CALL {
-            WITH object_permission
+        CALL (object_permission) {
             MATCH (object_permission)-[r1:HAS_ATTRIBUTE]->(:Attribute {name: "name"})-[r2:HAS_VALUE]->(object_permission_name:AttributeValue)
             WHERE all(r IN [r1, r2] WHERE (%(branch_filter)s))
             RETURN object_permission_name, (r1.status = "active" AND r2.status = "active") AS is_active
@@ -250,8 +239,7 @@ class AccountObjectPermissionQuery(Query):
         }
         WITH object_permission, object_permission_namespace, object_permission_name, is_active AS opn_is_active
         WHERE opn_is_active = TRUE
-        CALL {
-            WITH object_permission
+        CALL (object_permission) {
             MATCH (object_permission)-[r1:HAS_ATTRIBUTE]->(:Attribute {name: "action"})-[r2:HAS_VALUE]->(object_permission_action:AttributeValue)
             WHERE all(r IN [r1, r2] WHERE (%(branch_filter)s))
             RETURN object_permission_action, (r1.status = "active" AND r2.status = "active") AS is_active
@@ -260,8 +248,7 @@ class AccountObjectPermissionQuery(Query):
         }
         WITH object_permission, object_permission_namespace, object_permission_name, object_permission_action, is_active AS opa_is_active
         WHERE opa_is_active = TRUE
-        CALL {
-            WITH object_permission
+        CALL (object_permission) {
             MATCH (object_permission)-[r1:HAS_ATTRIBUTE]->(:Attribute {name: "decision"})-[r2:HAS_VALUE]->(object_permission_decision:AttributeValue)
             WHERE all(r IN [r1, r2] WHERE (%(branch_filter)s))
             RETURN object_permission_decision, (r1.status = "active" AND r2.status = "active") AS is_active
@@ -336,8 +323,7 @@ class AccountRoleGlobalPermissionQuery(Query):
         query = """
         MATCH (account_role:%(account_role_node)s)
         WHERE account_role.uuid = $role_id
-        CALL {
-            WITH account_role
+        CALL (account_role) {
             MATCH (account_role)-[r:IS_PART_OF]-(root:Root)
             WHERE %(branch_filter)s
             RETURN account_role as account_role1, r as r1
@@ -348,8 +334,7 @@ class AccountRoleGlobalPermissionQuery(Query):
         WHERE r.status = "active"
         WITH account_role
 
-        CALL {
-            WITH account_role
+        CALL (account_role) {
             MATCH (account_role)-[r1:IS_RELATED]->(:Relationship {name: "role__permissions"})<-[r2:IS_RELATED]-(global_permission:%(global_permission_node)s)
             WHERE all(r IN [r1, r2] WHERE (%(branch_filter)s))
             WITH global_permission, r1, r2, (r1.status = "active" AND r2.status = "active") AS is_active
@@ -360,8 +345,7 @@ class AccountRoleGlobalPermissionQuery(Query):
         }
         WITH global_permission
 
-        CALL {
-            WITH global_permission
+        CALL (global_permission) {
             MATCH (global_permission)-[r1:HAS_ATTRIBUTE]->(:Attribute {name: "action"})-[r2:HAS_VALUE]->(global_permission_action:AttributeValue)
             WHERE all(r IN [r1, r2] WHERE (%(branch_filter)s))
             RETURN global_permission_action, (r1.status = "active" AND r2.status = "active") AS is_active
@@ -371,8 +355,7 @@ class AccountRoleGlobalPermissionQuery(Query):
         WITH global_permission, global_permission_action, is_active AS gpa_is_active
         WHERE gpa_is_active = TRUE
 
-        CALL {
-            WITH global_permission
+        CALL (global_permission) {
             MATCH (global_permission)-[r1:HAS_ATTRIBUTE]->(:Attribute {name: "decision"})-[r2:HAS_VALUE]->(global_permission_decision:AttributeValue)
             WHERE all(r IN [r1, r2] WHERE (%(branch_filter)s))
             RETURN global_permission_decision, (r1.status = "active" AND r2.status = "active") AS is_active
@@ -425,8 +408,7 @@ class AccountRoleObjectPermissionQuery(Query):
         query = """
         MATCH (account_role:%(account_role_node)s)
         WHERE account_role.uuid = $role_id
-        CALL {
-            WITH account_role
+        CALL (account_role) {
             MATCH (account_role)-[r:IS_PART_OF]-(root:Root)
             WHERE %(branch_filter)s
             RETURN account_role as account_role1, r as r1
@@ -437,8 +419,7 @@ class AccountRoleObjectPermissionQuery(Query):
         WHERE r.status = "active"
         WITH account_role
 
-        CALL {
-            WITH account_role
+        CALL (account_role) {
             MATCH (account_role)-[r1:IS_RELATED]->(:Relationship {name: "role__permissions"})<-[r2:IS_RELATED]-(object_permission:%(object_permission_node)s)
             WHERE all(r IN [r1, r2] WHERE (%(branch_filter)s))
             WITH object_permission, r1, r2, (r1.status = "active" AND r2.status = "active") AS is_active
@@ -449,8 +430,7 @@ class AccountRoleObjectPermissionQuery(Query):
         }
         WITH object_permission
 
-        CALL {
-            WITH object_permission
+        CALL (object_permission) {
             MATCH (object_permission)-[r1:HAS_ATTRIBUTE]->(:Attribute {name: "namespace"})-[r2:HAS_VALUE]->(object_permission_namespace:AttributeValue)
             WHERE all(r IN [r1, r2] WHERE (%(branch_filter)s))
             RETURN object_permission_namespace, (r1.status = "active" AND r2.status = "active") AS is_active
@@ -459,8 +439,7 @@ class AccountRoleObjectPermissionQuery(Query):
         }
         WITH object_permission, object_permission_namespace, is_active AS opn_is_active
         WHERE opn_is_active = TRUE
-        CALL {
-            WITH object_permission
+        CALL (object_permission) {
             MATCH (object_permission)-[r1:HAS_ATTRIBUTE]->(:Attribute {name: "name"})-[r2:HAS_VALUE]->(object_permission_name:AttributeValue)
             WHERE all(r IN [r1, r2] WHERE (%(branch_filter)s))
             RETURN object_permission_name, (r1.status = "active" AND r2.status = "active") AS is_active
@@ -469,8 +448,7 @@ class AccountRoleObjectPermissionQuery(Query):
         }
         WITH object_permission, object_permission_namespace, object_permission_name, is_active AS opn_is_active
         WHERE opn_is_active = TRUE
-        CALL {
-            WITH object_permission
+        CALL (object_permission) {
             MATCH (object_permission)-[r1:HAS_ATTRIBUTE]->(:Attribute {name: "action"})-[r2:HAS_VALUE]->(object_permission_action:AttributeValue)
             WHERE all(r IN [r1, r2] WHERE (%(branch_filter)s))
             RETURN object_permission_action, (r1.status = "active" AND r2.status = "active") AS is_active
@@ -479,8 +457,7 @@ class AccountRoleObjectPermissionQuery(Query):
         }
         WITH object_permission, object_permission_namespace, object_permission_name, object_permission_action, is_active AS opa_is_active
         WHERE opa_is_active = TRUE
-        CALL {
-            WITH object_permission
+        CALL (object_permission) {
             MATCH (object_permission)-[r1:HAS_ATTRIBUTE]->(:Attribute {name: "decision"})-[r2:HAS_VALUE]->(object_permission_decision:AttributeValue)
             WHERE all(r IN [r1, r2] WHERE (%(branch_filter)s))
             RETURN object_permission_decision, (r1.status = "active" AND r2.status = "active") AS is_active

infrahub/core/attribute.py

@@ -232,7 +232,7 @@ class BaseAttribute(FlagPropertyMixin, NodePropertyMixin):
         Raises:
             ValidationError: Content of the attribute value is not valid
         """
-        if schema.regex:
+        if regex := schema.get_regex():
             if schema.kind == "List":
                 validation_values = [str(entry) for entry in value]
             else:
@@ -240,22 +240,20 @@ class BaseAttribute(FlagPropertyMixin, NodePropertyMixin):
 
             for validation_value in validation_values:
                 try:
-                    is_valid = re.match(pattern=schema.regex, string=str(validation_value))
+                    is_valid = re.match(pattern=regex, string=str(validation_value))
                 except re.error as exc:
-                    raise ValidationError(
-                        {name: f"The regex defined in the schema is not valid ({schema.regex!r})"}
-                    ) from exc
+                    raise ValidationError({name: f"The regex defined in the schema is not valid ({regex!r})"}) from exc
 
                 if not is_valid:
-                    raise ValidationError({name: f"{validation_value} must conform with the regex: {schema.regex!r}"})
+                    raise ValidationError({name: f"{validation_value} must conform with the regex: {regex!r}"})
 
-        if schema.min_length:
-            if len(value) < schema.min_length:
-                raise ValidationError({name: f"{value} must have a minimum length of {schema.min_length!r}"})
+        if min_length := schema.get_min_length():
+            if len(value) < min_length:
+                raise ValidationError({name: f"{value} must have a minimum length of {min_length!r}"})
 
-        if schema.max_length:
-            if len(value) > schema.max_length:
-                raise ValidationError({name: f"{value} must have a maximum length of {schema.max_length!r}"})
+        if max_length := schema.get_max_length():
+            if len(value) > max_length:
+                raise ValidationError({name: f"{value} must have a maximum length of {max_length!r}"})
 
         if schema.enum:
             try:
@@ -782,6 +780,10 @@ class Dropdown(BaseAttribute):
 
         return ""
 
+    @staticmethod
+    def get_allowed_property_in_path() -> list[str]:
+        return ["color", "description", "label", "value"]
+
     @classmethod
     def validate_content(cls, value: Any, name: str, schema: AttributeSchema) -> None:
         """Validate the content of the dropdown."""
@@ -817,7 +819,18 @@ class IPNetwork(BaseAttribute):
 
     @staticmethod
     def get_allowed_property_in_path() -> list[str]:
-        return ["value", "version", "binary_address", "prefixlen"]
+        return [
+            "binary_address",
+            "broadcast_address",
+            "hostmask",
+            "netmask",
+            "num_addresses",
+            "prefixlen",
+            "value",
+            "version",
+            "with_hostmask",
+            "with_netmask",
+        ]
 
     @property
     def obj(self) -> ipaddress.IPv4Network | ipaddress.IPv6Network:
@@ -950,7 +963,17 @@ class IPHost(BaseAttribute):
 
     @staticmethod
     def get_allowed_property_in_path() -> list[str]:
-        return ["value", "version", "binary_address"]
+        return [
+            "binary_address",
+            "hostmask",
+            "ip",
+            "netmask",
+            "prefixlen",
+            "value",
+            "version",
+            "with_hostmask",
+            "with_netmask",
+        ]
 
     @property
     def obj(self) -> ipaddress.IPv4Interface | ipaddress.IPv6Interface:
@@ -1170,6 +1193,22 @@ class MacAddress(BaseAttribute):
         """Serialize the value as standard EUI-48 or EUI-64 before storing it in the database."""
         return str(netaddr.EUI(addr=self.value))
 
+    @staticmethod
+    def get_allowed_property_in_path() -> list[str]:
+        return [
+            "bare",
+            "binary",
+            "dot_notation",
+            "ei",
+            "eui48",
+            "eui64",
+            "oui",
+            "semicolon_notation",
+            "split_notation",
+            "value",
+            "version",
+        ]
+
 
 class MacAddressOptional(MacAddress):
     value: str | None

infrahub/core/branch/models.py

@@ -295,6 +295,7 @@ class Branch(StandardNode):
         is_isolated: bool = True,
         branch_agnostic: bool = False,
         variable_name: str = "r",
+        params_prefix: str = "",
     ) -> tuple[str, dict]:
         """
         Generate a CYPHER Query filter based on a path to query a part of the graph at a specific time and on a specific branch.
@@ -306,30 +307,28 @@ class Branch(StandardNode):
 
             There is a currently an assumption that the relationship in the path will be named 'r'
         """
-
+        pp = params_prefix
         params: dict[str, Any] = {}
         at = Timestamp(at)
         at_str = at.to_string()
         if branch_agnostic:
-            filter_str = (
-                f"{variable_name}.from <= $time1 AND ({variable_name}.to IS NULL or {variable_name}.to >= $time1)"
-            )
-            params["time1"] = at_str
+            filter_str = f"{variable_name}.from <= ${pp}time1 AND ({variable_name}.to IS NULL or {variable_name}.to >= ${pp}time1)"
+            params[f"{pp}time1"] = at_str
             return filter_str, params
 
         branches_times = self.get_branches_and_times_to_query_global(at=at_str, is_isolated=is_isolated)
 
         for idx, (branch_name, time_to_query) in enumerate(branches_times.items()):
-            params[f"branch{idx}"] = list(branch_name)
-            params[f"time{idx}"] = time_to_query
+            params[f"{pp}branch{idx}"] = list(branch_name)
+            params[f"{pp}time{idx}"] = time_to_query
 
         filters = []
         for idx in range(len(branches_times)):
             filters.append(
-                f"({variable_name}.branch IN $branch{idx} AND {variable_name}.from <= $time{idx} AND {variable_name}.to IS NULL)"
+                f"({variable_name}.branch IN ${pp}branch{idx} AND {variable_name}.from <= ${pp}time{idx} AND {variable_name}.to IS NULL)"
             )
             filters.append(
-                f"({variable_name}.branch IN $branch{idx} AND {variable_name}.from <= $time{idx} AND {variable_name}.to >= $time{idx})"
+                f"({variable_name}.branch IN ${pp}branch{idx} AND {variable_name}.from <= ${pp}time{idx} AND {variable_name}.to >= ${pp}time{idx})"
             )
 
         filter_str = "(" + "\n OR ".join(filters) + ")"

infrahub/core/branch/tasks.py

@@ -212,8 +212,6 @@ async def merge_branch(
 
         merger: BranchMerger | None = None
         async with lock.registry.global_graph_lock():
-            # await update_diff(model=RequestDiffUpdate(branch_name=obj.name))
-
             diff_repository = await component_registry.get_component(DiffRepository, db=db, branch=obj)
             diff_coordinator = await component_registry.get_component(DiffCoordinator, db=db, branch=obj)
             diff_merger = await component_registry.get_component(DiffMerger, db=db, branch=obj)

infrahub/core/constants/infrahubkind.py

@@ -2,6 +2,7 @@ ACCOUNT = "CoreAccount"
 ACCOUNTGROUP = "CoreAccountGroup"
 ACCOUNTROLE = "CoreAccountRole"
 ACCOUNTTOKEN = "InternalAccountToken"
+ACTION = "CoreAction"
 ARTIFACT = "CoreArtifact"
 ARTIFACTCHECK = "CoreArtifactCheck"
 ARTIFACTDEFINITION = "CoreArtifactDefinition"
@@ -21,6 +22,7 @@ DATAVALIDATOR = "CoreDataValidator"
 FILECHECK = "CoreFileCheck"
 FILETHREAD = "CoreFileThread"
 GENERICACCOUNT = "CoreGenericAccount"
+GENERATORACTION = "CoreGeneratorAction"
 GENERATORCHECK = "CoreGeneratorCheck"
 GENERATORDEFINITION = "CoreGeneratorDefinition"
 GENERATORINSTANCE = "CoreGeneratorInstance"
@@ -30,6 +32,8 @@ GENERICGROUP = "CoreGroup"
 GLOBALPERMISSION = "CoreGlobalPermission"
 GRAPHQLQUERY = "CoreGraphQLQuery"
 GRAPHQLQUERYGROUP = "CoreGraphQLQueryGroup"
+GROUPACTION = "CoreGroupAction"
+GROUPTRIGGERRULE = "CoreGroupTriggerRule"
 IPNAMESPACE = "BuiltinIPNamespace"
 IPADDRESS = "BuiltinIPAddress"
 IPADDRESSPOOL = "CoreIPAddressPool"
@@ -39,6 +43,9 @@ MENU = "CoreMenu"
 MENUITEM = "CoreMenuItem"
 NAMESPACE = "IpamNamespace"
 NODE = "CoreNode"
+NODETRIGGERRULE = "CoreNodeTriggerRule"
+NODETRIGGERATTRIBUTEMATCH = "CoreNodeTriggerAttributeMatch"
+NODETRIGGERRELATIONSHIPMATCH = "CoreNodeTriggerRelationshipMatch"
 NUMBERPOOL = "CoreNumberPool"
 LINEAGEOWNER = "LineageOwner"
 LINEAGESOURCE = "LineageSource"
@@ -67,6 +74,7 @@ THREADCOMMENT = "CoreThreadComment"
 TRANSFORM = "CoreTransformation"
 TRANSFORMJINJA2 = "CoreTransformJinja2"
 TRANSFORMPYTHON = "CoreTransformPython"
+TRIGGERRULE = "CoreTriggerRule"
 USERVALIDATOR = "CoreUserValidator"
 VALIDATOR = "CoreValidator"
 WEBHOOK = "CoreWebhook"

infrahub/core/constraint/node/runner.py

@@ -26,7 +26,7 @@ class NodeConstraintRunner:
     async def check(
         self, node: Node, field_filters: list[str] | None = None, skip_uniqueness_check: bool = False
     ) -> None:
-        async with self.db.start_session() as db:
+        async with self.db.start_session(read_only=False) as db:
             await node.resolve_relationships(db=db)
 
             if not skip_uniqueness_check: